Microsoft press ebook_introducing_windows_server_2012_pdf

1,076

Published on

Published in: Education, Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,076
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
21
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Microsoft press ebook_introducing_windows_server_2012_pdf

  1. 1. IntroducingWindows Server®2012: RTM EditionMitch Tulloch with theWindows Server Team
  2. 2. PUBLISHED BYMicrosoft PressA Division of Microsoft CorporationOne Microsoft WayRedmond, Washington 98052-6399Copyright © 2012 by Microsoft CorporationAll rights reserved. No part of the contents of this book may be reproduced ortransmitted in any form or by any means without the written permission of thepublisher.Library of Congress Control Number: 201944793ISBN: 978-0-7356-7535-3Printed and bound in the United States of America.First PrintingMicrosoft Press books are available through booksellers and distributors worldwide.If you need support related to this book, email Microsoft Press Book Support atmspinput@microsoft.com. Please tell us what you think of this book athttp://www.microsoft.com/learning/booksurvey.Microsoft and the trademarks listed at http://www.microsoft.com/about/legal/en/us/IntellectualProperty/Trademarks/EN-US.aspx are trademarks of the Microsoft group ofcompanies. All other marks are property of their respective owners.The example companies, organizations, products, domain names, email addresses, logos,people, places, and events depicted herein are fictitious. No association with any realcompany, organization, product, domain name, email address, logo, person, place, orevent is intended or should be inferred.This book expresses the author’s views and opinions. The information contained inthis book is provided without any express, statutory, or implied warranties. Neither theauthors, Microsoft Corporation, nor its resellers, or distributors will be held liable for anydamages caused or alleged to be caused either directly or indirectly by this book.Acquisitions Editor: Anne HamiltonDevelopmental Editor: Valerie WoolleyProject Editor: Valerie WoolleyEditorial Production: Diane Kohnen, S4Carlisle Publishing ServicesCopyeditor: Susan McClungIndexer: Jean SkippCover: Twist Creative . Seattle
  3. 3. Contents at a GlanceIntroduction xiCHAPTER 1 The business need for Windows Server 2012 1CHAPTER 2 Foundation for building your private cloud 17CHAPTER 3 Highly available, easy-to-manage multi-server platform 85CHAPTER 4 Deploy web applications on premises and in the cloud 159CHAPTER 5 Enabling the modern workstyle 191Index 229
  4. 4. vWhat do you think of this book? We want to hear from you!Microsoft is interested in hearing your feedback so we can continually improve ourbooks and learning resources for you. To participate in a brief online survey, please visit:microsoft.com/learning/booksurveyContentsIntroduction xiChapter 1 The business need for Windows Server 2012 1The rationale behind cloud computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Making the transition 2Cloud sourcing models 3Cloud service models 4Microsoft cloud facts 5Technical requirements for successful cloud computing. . . . . . . . . . . . . . . . 6Four ways Windows Server 2012 delivers value for cloud computing. . . 10Foundation for building your private cloud 10Highly available, easy-to-manage multi-server platform 12Deploy web applications on-premises and in the cloud 13Enabling the modern work style 14Up next. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15Chapter 2 Foundation for building your private cloud 17A complete virtualization platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Hyper-V extensible switch 21Network Virtualization 31Improved Live Migration 37Enhanced quality of service (QoS) 45Resource metering 48
  5. 5. vi ContentsIncrease scalability and performance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50Expanded processor and memory support 51Network adapter hardware acceleration 54Offloaded Data Transfer (ODX) 58Support for 4 KB sector disks 59Dynamic Memory improvements 60Virtual Fibre Channel 65SMB 3 66Improved VM import 71VHDX disk format 72Business continuity for virtualized workloads. . . . . . . . . . . . . . . . . . . . . . . . 73Hyper-V Replica 73There’s more 81Up next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83Chapter 3 Highly available, easy-to-managemulti-server platform 85Continuous availability. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88Failover Clustering enhancements 91SMB Transparent Failover 117Storage migration 117Windows NIC Teaming 120Chkdsk improvements 124Easy conversion between installation options 125Features On Demand 129DHCP Server Failover 129Cost efficiency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130Storage Spaces 131Thin Provisioning and Trim 138Server for NFS data store 139Management efficiency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
  6. 6. viiContentsThe new Server Manager 141Simplified Active Directory administration 147Windows PowerShell 3.0 151Up next. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157Chapter 4 Deploy web applications on premises andin the cloud 159Scalable and elastic web platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159NUMA-aware scalability 160Server Name Indication 163Centralized SSL certificate support 166IIS CPU throttling 172Application Initialization 175Dynamic IP Address Restrictions 176FTP Logon Attempt Restrictions 180Generating Windows PowerShell scripts using IISConfiguration Editor 183Support for open standards. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186WebSocket 187Support for HTML 5 189Up next. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190Chapter 5 Enabling the modern ­workstyle 191Access virtually anywhere, from any device. . . . . . . . . . . . . . . . . . . . . . . . . 191Unified remote access 192Simplified VDI deployment 204User-Device Affinity 212Enhanced BranchCache 213Branch Office Direct Printing 214Full Windows experience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215RemoteFX enhancements 215Enhanced USB redirection 217
  7. 7. viii ContentsUser Profile Disks 218Enhanced security and compliance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221Dynamic Access Control 221BitLocker enhancements 224DNSSEC 226Conclusion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227Index 229What do you think of this book? We want to hear from you!Microsoft is interested in hearing your feedback so we can continually improve ourbooks and learning resources for you. To participate in a brief online survey, please visit:microsoft.com/learning/booksurvey
  8. 8. ixForewordForewordWindows Server 2012 introduces a plethora of new features to address theevolved needs of a modern IT infrastructure and workforce. The coreof this ­experience is the need to scale out, virtualize, and move workloads,­applications, and ­services to the cloud. Windows Server 2012 incorporates ourexperience of building, ­managing, and operating both private and public clouds,all based on Windows Server. We used that experience to create an operatingsystem that provides organizations a scalable, dynamic, and multi-tenant-awareplatform that ­connects ­datacenters and resources globally and securely. Clouds,whether ­deployed as public or private, rely on the same technology and ­provide­consistency for ­applications, services, management, and experiences when theyare deployed in a hosted environment, in a single-server, small office, or inyour corporate ­datacenter. They are all the same, and the platform should scale­consistently and be managed easily from the small business office to the infinitelylarge public cloud.The Windows Server team employed a customer-focused design approach todesign in-the-box solutions that address customers’ real-world business ­problems.We realized that we needed to cloud-optimize environments by ­providing an­updated, flexible platform. We also knew that it was incumbent upon us to ­enableIT professionals to implement the next generation of technologies needed for­future applications and services. We focused on end-to-end solutions that arecomplete and work out of the box with the critical capabilities for the ­deploymentsneeded for the mobile and always-connected users, workforce, and devices.To achieve these goals, we carefully planned a complete virtualization platformwith flexible policies and agile options that would enable not only a high-densityand scalable infrastructure for all workloads and applications, but also enablesimple and efficient infrastructure management. Once in place, with maximizeduptime and minimized failures and downtimes, the value proposition of an openand scalable web platform that is aligned to and uses the lowest-cost commoditystorage and networking provides a comprehensive solution better than any otherplatform.In addition, Windows Server 2012 provides next-generation data security andcompliance solutions based on strong identity and authorization capabilitiesthat are paramount in this evolving cloud-optimized environment. The mobile,­work-everywhere culture demands not only compliance, but also protectionagainst the latest threats and risks.
  9. 9. x ForewordAnd, last but not least, Windows Server 2012 comes with the needed ­reliability,power efficiency, and interoperability to integrate into environments withoutrequiring numerous and complex add-ons, installations, and additional softwareto have a working solution.As one of the senior engineering leaders in the Server and Cloud Division ofMicrosoft, we have an opportunity to change the world and build the WindowsServer 2012 platform to host public and private clouds all over the world. We tookour experience and learning from Hotmail, Messenger, Office 365, Bing, ­WindowsAzure, and Xbox Live . . . all of which run on Windows Server to design and ­createWindows Server 2012 so that others are capable of building their own privateclouds, hosting the latest applications, or deploying the next set of cloud serviceswith world-class results.This book is compiled from the expertise we have gained from the publicclouds that we have run for years, as well as the experience from many expertson how to use the Hyper-V and Windows Server technologies optimally. Wewanted to provide this book as a compilation of the engineering team’s inside­knowledge and best practices from early adopter deployments. It provides aunique ­introduction on how to cloud-optimize your environment with WindowsServer 2012.David B. CrossDirector of Program ManagementMicrosoft Corporation
  10. 10. IntroductionWindows Server 2012 is probably the most significant release of the W­indowsServer platform ever. With an innovative new user interface, powerfulnew management tools, enhanced Windows PowerShell support, and hundredsof new features in the areas of networking, storage, and virtualization, WindowsServer 2012 can help IT deliver more while reducing costs. Windows Server 2012also was ­designed for the cloud from the ground up and provides a ­foundationfor ­building both public and private cloud solutions to enable ­businesses to takeadvantage of the many benefits of cloud computing.This book provides a technical overview of ­Windows Server 2012 and is­intended to help IT professionals familiarize themselves with the capabilities of thenew platform. This present edition also replaces the earlier preview edition, withscreenshots and feature descriptions now being based on RTM instead of Beta.Direct from the sourceA key feature of this book is the inclusion of sidebars written by members of theWindows Server team, Microsoft Support engineers, Microsoft ­Consulting ­Servicesstaff, and others who work at Microsoft. These sidebars provide an ­insider’s­perspective that includes both “under-the-hood” ­information concerning howfeatures work, and strategies, tips, and best practices from experts who have beenworking with the platform during product development. Sidebars are highlightedin the text and include the contributor’s name and title at the bottom.AcknowledgmentsThe author would like to express his special thanks to the numerous people­working at Microsoft who took time out from their busy schedules to write­sidebars for this book and/or peer-review its content to ensure technical accuracy.In recognition of their contribution towards making this book a more valuableresource, we’d like to thank the following people who work at Microsoft (unlessotherwise indicated) for contributing their time and expertise to this project:Joshua Adams, Manjnath Ajjampur, Jeff Alexander, Ted Archer, Vinod Atal,Jonathan Beckham, Jeevan Bisht, David Branscome, Kevin Broas, Brent ­Caskey,Patrick Catuncan, Al Collins, Bob Combs, Wilbour Craddock, David Cross,Kevin daCosta, Robb Dilallo (Oakwood Systems Group), Laz Diaz, Yuri Diogenes,
  11. 11. xii IntroductionSean Eagan, Yigal Edery, Michael Foti, Stu Fox, ­Keith Hill, Jeff Hughes,Corey Hynes (HynesITe Inc.), Mohammed Ismail, Ron Jacob, Tomica ­Kaniski,Alex A. ­Kibkalo, Praveen Kumar, Brett Larison, Alex Lee, Ian Lindsay, Carl Luberti,Michel ­Luescher, John Marlin, John McCabe, Robert McMurray, Harsh ­Mittal,­Michael Niehaus, Symon Perriman, Tony Petito, Mark Piggott, Jason Pope,Artem ­Pronichkin, Satya Ramachandran, Ramlinga Reddy, Colin Robinson,John Roller, Luis Salazar, Stephen Sandifer (Xtreme Consulting Group Inc),Chad ­Schultz, Tom Shinder, Ramnish Singh, Don Stanwyck, Mike Stephens,Mike ­Sterling, Allen Stewart, Jeff Stokes, Chuck Swanson, Daniel Taylor,Harold Tonkin, Sen ­Veluswami, Matthew Walker, Andrew Willows, Yingwei Yang,John Yokim, Won Yoo, David Ziembicki, and Josef Zilak.If we’ve missed anyone, we’re sorry!The author also would like to thank Valerie Woolley at Microsoft ­Learning;­Diane Kohnen at S4Carlisle Publishing Services; and Susan McClung, the­copyeditor.Errata & book supportWe’ve made every effort to ensure the accuracy of this book and its companioncontent. Any errors that have been reported since this book was published arelisted on our Microsoft Press site at oreilly.com:http://go.microsoft.com/FWLink/?Linkid=262397If you find an error that is not already listed, you can report it to us through thesame page.If you need additional support, email Microsoft Press Book Support at­mspinput@microsoft.com.Please note that product support for Microsoft software is not offered throughthe addresses above.We want to hear from youAt Microsoft Press, your satisfaction is our top priority, and your feedback ourmost valuable asset. Please tell us what you think of this book at:http://www.microsoft.com/learning/booksurvey
  12. 12. xiiiIntroductionThe survey is short, and we read every one of your comments and ideas.Thanks in advance for your input!Stay in touchLet’s keep the conversation going! We’re on Twitter:http://twitter.com/MicrosoftPress.
  13. 13. 1C H A P T E R 1The business need forWindows Server 2012■ The rationale behind cloud computing  1■ Technical requirements for successful cloud computing  6■ Four ways Windows Server 2012 delivers value for cloudcomputing  10■ Up next  15This chapter briefly sets the stage for introducing Windows Server 2012 by ­reviewing whatcloud computing is all about and why cloud computing is becoming an ­increasinglypopular solution for business IT needs. The chapter then describes how ­Windows Server 2012can provide the ideal foundation for building your organization’s private cloud.The rationale behind cloud computingCloud computing is transforming business by offering new options for businesses to ­increaseefficiencies while reducing costs. What is driving organizations to embrace the cloud ­paradigmare the problems often associated with traditional IT systems. These problems include:■■ High operational costs, typically associated with implementing and managingdesktop and server infrastructures■■ Low system utilization, often associated with non-virtualized server workloads inenterprise environments■■ Inconsistent availability due to the high cost of providing hardware redundancy■■ Poor agility, which makes it difficult for businesses to meet evolving market ­demandsAlthough virtualization has helped enterprises address some of these issues by­virtualizing server workloads, desktops, and applications, some challenges still remain.For example, mere virtualization of server workloads can lead to virtual machine (VM)sprawl, solving one problem while creating another.Cloud computing helps address these challenges by providing businesses with newways of improving agility while reducing costs. For example, by providing tools for rapiddeployment of IT services with self-service capabilities, businesses can achieve
  14. 14. 2 Chapter 1 The business need for Windows Server 2012a faster time-to-market rate and become more competitive. Cloud-based solutions also canhelp businesses respond more easily to spikes in demand. And the standardized architectureand service-oriented approach to solution development used in cloud environments helpsshorten the solution development life cycle, reducing the time between envisioning anddeployment.Cloud computing also helps businesses keep IT costs under control in several ways. Forexample, the standardized architecture of cloud solutions provides greater ­transparencyand predictability for the budgeting process. Adding automation and elastic capacity­management to this helps keep operational costs lower. Reuse and re-provisioning of cloudapplications and services can help lower development costs across your organization, makingyour development cycle more cost effective. And a pay-as-you-go approach to consumingcloud services can help your business achieve greater flexibility and become more innovative,making entry into new markets possible.Cloud computing also can help businesses increase customer satisfaction by enablingsolutions that have greater responsiveness to customer needs. Decoupling applications fromphysical infrastructure improves availability and makes it easier to ensure business ­continuitywhen a disaster happens. And risk can be managed more systematically and effectively tomeet regulatory requirements.Making the transitionMaking the transition from a traditional IT infrastructure to the cloud paradigm beginswith rethinking and re-envisioning what IT is all about. The traditional approach to IT­infrastructure is a server-centric vision, where IT is responsible for procuring, designing,deploying, managing, maintaining, and troubleshooting servers hosted on the company’spremises or located at the organization’s central datacenter. Virtualization can increasethe efficiency of this approach by allowing consolidation of server workloads to increase­system utilization and reduce cost, but even a virtualized datacenter still has a server-centric­infrastructure that requires a high degree of management overhead.Common characteristics of traditional IT infrastructures, whether virtualized or not, caninclude the following:■■ Limited capacity due to the physical limitations of host hardware in the datacenter(virtualization helps maximize capacity but doesn’t remove these limitations)■■ Availability level that is limited by budget because of the high cost of redundant hosthardware, network connectivity, and storage resources■■ Poor agility because it takes time to deploy and configure new workloads­(virtualization helps speed up this process)■■ Poor efficiency because applications are deployed in silos, which means that­development efforts can’t be used easily across the organization■■ Potentially high cost due to the cost of host hardware, software licensing, and the­in-house IT expertise needed to manage the infrastructure
  15. 15. The rationale behind cloud computing Chapter 1 3By contrast to the traditional server-centric infrastructure, cloud computing represents aservice-centric approach to IT. From the business customer’s point of view, cloud services canbe perceived as IT services with unlimited capacity, continuous availability, improved ­agility,greater efficiency, and lower and more predictable costs than a traditional server-centricIT infrastructure. The results of the service-centric model of computing can be increasedproductivity with less overhead because users can work from anywhere, using any capabledevice, without having to worry about deploying the applications they need to do their job.The bottom line here is that businesses considering making the transition to the cloudneed to rethink their understanding of IT from two perspectives: the type of sourcing and thekinds of services being consumed.Cloud sourcing modelsCloud sourcing models define the party that has control over how the cloud services are­architected, controlled, and provisioned. The three kinds of sourcing models for cloud­computing are:■■ Public cloud  Business customers consume the services they need from a pool ofcloud services delivered over the Internet. A public cloud is a shared cloud where thepool of services is used by multiple customers, with each customer’s environment­isolated from those of others. The public cloud approach provides the benefits ofpredictable costs and pay-as-you-go flexibility for adding or removing processing,storage, and network capacity depending on the customer’s needs.For example, Microsoft Windows Azure and Microsoft SQL Azure are public cloudofferings that allow you to develop, deploy, and run your business applications overthe Internet instead of hosting them locally on your own datacenter. By adopting this­approach, you can gain increased flexibility, easier scalability, and greater agility foryour business. And if your users only need Microsoft Office or Microsoft DynamicsCRM to perform their jobs, you can purchase subscriptions to Office 365 or MicrosoftDynamics CRM Online from Microsoft’s public cloud offerings in this area as well.For more information on Microsoft’s public cloud offerings, seehttp://www.microsoft.com/en-us/server-cloud/private-cloud/buy.aspx#tabs-2.■■ Private cloud  The customer controls the cloud, either by self-hosting a private cloudin the customer’s datacenter or by having a partner host it. A private cloud can beimplemented in two ways: by combining different software platforms and applications,or by procuring a dedicated cloud environment in the form of an appliance froma vendor.For example, customers have already been using the Hyper-V virtualization ­capabilitiessuccessfully in the Microsoft Windows Server 2008 R2 platform, with the MicrosoftSystem Center family of products, to design, deploy, and manage their own privateclouds. And for a more packaged approach to deploying private clouds, ­Microsoft’sPrivate Cloud Fast Track program provides customers with a standard reference
  16. 16. 4 Chapter 1 The business need for Windows Server 2012­architecture for building private clouds that combines Microsoft ­software, consolidatedguidance, value-added software components, and validated ­compute, network, andstorage configurations from original equipment manufacturer (OEM) partners to ­createa turnkey approach for deploying scalable, preconfigured, ­validated ­infrastructureplatforms for deploying your own on private cloud. For more ­information on the­Private Cloud Fast Track and to see a list of Fast Track Partners,see http://www.microsoft.com/en-us/server-cloud/private-cloud/buy.aspx#tabs-2.The private cloud approach allows you the peace of mind of knowing you have­complete control over your IT infrastructure, but it has higher up-front costs anda steeper implementation curve than the public cloud approach. For more informationon Microsoft’s private cloud offerings, see http://www.microsoft.com/en-us/­server-cloud/private-cloud/. As you will soon see, however, the next generation ofHyper-V in the Windows Server 2012 platform delivers even more powerful capabilitiesthat enable customers to deploy and manage private clouds.■■ Hybrid cloud  The customer uses a combination of private and public clouds to meetthe specific needs of their business. In this approach, some of your organization’s ITservices run on-premises while other services are hosted in the cloud to save costs,simplify scalability, and increase agility. Organizations that want to make the transitionfrom traditional IT to cloud computing often begin by embracing the hybrid cloudapproach because it allows them to get their feet wet while remaining grounded in thecomfort of their existing server-centric infrastructure.One difficulty with the hybrid cloud approach, however, is the management­overhead associated with needing duplicate sets of IT controls, one set for traditional­infrastructure and others for each kind of cloud service consumed. Regardless of this,many organizations that transition to the cloud choose to adopt the hybrid approachfor various reasons, including deployment restrictions, compliance issues, or the­availability of cloud services that can meet the organization’s needs.Cloud service modelsCloud computing also can be considered from the perspective of which kinds of services arebeing consumed. The three standard service models for cloud computing are as follows:■■ Software as a service (SaaS)  This approach involves using the cloud to deliver a­single application to multiple users, regardless of their location or the kind of ­devicethey are using. SaaS contrasts with the more traditional approach of deployingseparate instances of applications to each user’s computing device. The advantagesof the SaaS model is that application activities can be managed from a single centrallocation to reduce cost and management overhead. SaaS typically is used to delivercloud-based applications that have minimal support for customization, such as email,Customer Relationship Management (CRM), and productivity software. Office 365 is anexample of a SaaS offering from Microsoft that provides users with secure anywhere
  17. 17. The rationale behind cloud computing Chapter 1 5access to their email, shared calendars, instant messaging (IM), video conferencing,and tools for document collaboration.■■ Platform as a service (PaaS)  This approach involves using the cloud to deliverapplication execution services such as application run time, storage, and ­integrationfor applications that have been designed for a prespecified cloud-based ­architecturalframework. By using PaaS, you can develop custom cloud-based ­applications for yourbusiness and then host them in the cloud so that users can access them ­anywhereover the Internet. PaaS also can be used to create multi-tenant ­applications thatmultiple ­users can access simultaneously. And with its high degree of supportfor ­application-level customization, PaaS can enable integration with your older­applications and interoperability with your on-premises systems, though some­applications may need to be recoded to work in the new environment. SQL Azure isan example of a PaaS offering from Microsoft that allows businesses to provision anddeploy SQL databases to the cloud without the need of implementing and maintainingan in-house Microsoft SQL Server infrastructure.■■ Infrastructure as a service (IaaS)  This approach involves creating pools of­compute, storage, and network connectivity resources that then can be deliveredto business customers as cloud-based services that are billed on a per-usage basis.IaaS forms the foundation for SaaS and PaaS by providing a standardized, flexible­virtualized ­environment that typically presents itself to the customer as virtualizedserver ­workloads. In the IaaS model, the customer can self-provision these virtualizedworkloads and can customize them fully with the processing, storage, and network­resources needed and with the operating system and applications the business­requires. By using the IaaS approach, the customer is relieved of the need to ­purchaseand install hardware and can spin up new workloads to meet changing demand­quickly. The Hyper-V technology of the Windows Server platform, together with theSystem Center family of products, represents Microsoft’s offering in the IaaS space.Microsoft cloud factsDid you know the following facts about Microsoft’s public cloud offerings?■■ Every day, 9.9 billion messages are transmitted via Windows Live Messenger.■■ There are 600 million unique users every month on Windows Live and MSN.■■ There are 500 million active Windows Live IDs.■■ There are 40 million paid MS online services (BPOS, CRM Online, etc.) in 36 countries.■■ A total of 5 petabytes of content is served by Xbox Live each week during the holidayseason.■■ A total of 1 petabyte+ of updates is served every month by Windows Update tomillions of servers and hundreds of millions of PCs worldwide.■■ There are tens of thousands of Windows Azure customers.
  18. 18. 6 Chapter 1 The business need for Windows Server 2012■■ There are 5 million LiveMeeting conference minutes per year.■■ Forefront for Exchange filters 1 billion emails per month.Technical requirements for successful cloudcomputingIf you’re considering moving your business to the cloud, it’s important to be aware of theingredients of a successful cloud platform. Figure 1-1 illustrates the three standard servicemodels for implementing private and public cloud solutions.SaaS – the softwareThe cloud provider runs the application while the customerconsumes the application as a service on a subscription basis.PaaS – the platformThe application platform includesnative services for scalability andresiliency, and the apps must bedesigned to run in the cloud.IaaS – the infrastructureThe cloud provider runs adatacenter that offers “virtualmachines for rent” along withdynamically allocated resources.Customers own the virtualmachine and manage it as “theirserver” in the cloud.FIGURE 1-1  The three standard service models for the cloud.The hierarchy of this diagram illustrates that both IaaS and PaaS can be used as the­foundation for building SaaS. In the IaaS approach, you build the entire architecture ­yourself(for example, with load-balanced web servers for the front end and clustered servers foryour business and data tiers on the back end). In fact, the only difference between IaaS anda ­traditional datacenter is that the apps are running on servers that are virtual instead of­physical.By contrast, PaaS is a completely different architecture. In a PaaS solution, like WindowsAzure, you allow Azure to handle the “physical” aspect for you when you take your app andmove it to the cloud. Then, when you have spikes in demand (think the holiday season for aretail website), the system automatically scales up to meet the demand and then scales backdown again when demand tapers off. This means that with PaaS, you don’t need to build asystem that handles the maximum load at all times, even when it doesn’t have to; instead, youpay only for what you use.But the IaaS model is much closer to what customers currently use today, so let’s focusmore closely on the IaaS service model, which often is described as “virtual machines forrent.” The two key components of IaaS are a hypervisor-based server operating system and
  19. 19. Technical requirements for successful cloud computing Chapter 1 7a cloud and datacenter management solution. These two components, therefore, form thefoundation of any type of cloud solution—public, private, or hybrid.Let’s examine the first component: namely, a hypervisor-based server operating system.What attributes must such a platform have to be suitable for building cloud solutions? Thenecessary technical requirements must include the following:■■ Support for the latest server hardware and scaling features, including high-performancenetworking capabilities and reduced power consumption for green computing■■ A reliable, highly scalable hypervisor that eliminates downtime when VMs are movedbetween hosts■■ Fault-tolerant, high-availability solutions that ensure that cloud-based services can bedelivered without interruption■■ Powerful automation capabilities that can simplify and speed the provisioning andmanagement of infrastructure resources to make your business more agile■■ Support for enterprise-level storage for running the largest workloads that businessesmay need■■ The ability to host a broad range of virtualized operating systems and applications toprovide customers with choices that can best meet their business needs■■ An extensible platform with public application programming interfaces (APIs) thatbusinesses can use to develop custom tools and enhancements that they need toround out their solutions■■ The ability to pool resources, such as processing, network connectivity, and ­storage,to provide elasticity so that you can provision and scale resources dynamically in­response to changing needs■■ Self-service capabilities, so that pooled resources can be provisioned quickly accordingto service-level agreements for increased agility■■ A built-in system for monitoring resource usage, so that those consuming resourcescan be billed on a pay-for-only-what-you-use basis■■ Infrastructure transparency, so that customers can concentrate on deploying the­applications and services that they need without having to worry about the underlyinginfrastructureMicrosoft’s previous hypervisor-based server operating system, Windows Server 2008 R2,met many of these requirements to a high degree, and Microsoft and other ­enterpriseshave been using it extensively as a foundation for building both private and public clouds.As we will soon see, however, Windows Server 2012 now brings even more to the table for­building highly scalable and elastic cloud solutions, making it the first truly ­cloud-optimizedserver operating system.The second component for building a cloud is the management part, and here, ­SystemCenter 2012 provides the most comprehensive cloud and datacenter management­solution available in the marketplace. System Center 2012 spans physical, virtual, and cloud
  20. 20. 8 Chapter 1 The business need for Windows Server 2012­environments using common management experiences throughout and enables end-to-endmanagement of your infrastructure and applications.Support for Windows Server 2012 will be included in Service Pack 1 for System Center2012. For more information on System Center products and to download evaluation software,see http://www.microsoft.com/en-us/server-cloud/system-center/default.aspx.The business need for Windows Server 2012Cloud computing in general, and private clouds in particular, have emerged as aresponse to the high cost and lack of agility of traditional approaches to IT. Theneeds of IT users and the rate of technological change have increased significantly.At the same time, the need to improve IT efficiency and reduce costs are high-priorityobjectives in most businesses today.Server consolidation through virtualization has been a key driver of cost­savings over the past several years. Windows Server 2012 and Hyper-V provide­significant ­improvements in scalability and availability, which enables much higher­consolidation ratios. Combined with the flexibility of unlimited VM licensing insome Windows SKUs, high-density virtualization can reduce costs significantly. WithWindows Server 2012 and Hyper-V supporting clusters up to 64 nodes runningup to 4,000 VMs and up to 1,024 active VMs per host, a relatively small amount ofphysical hardware can support a large amount of IT capability.Further improving the consolidation story is the ability to run significantly larger VMs,resulting in a higher percentage of physical servers being candidates for ­virtualization.For example, Windows Server 2012 can now support:■■ Up to 64 virtual processors per VM (with a maximum of 2,048 virtual processorsper host)■■ Up to 1 terabyte (TB) of random access memory (RAM) per VM (with up to 4 TBRAM per host)■■ Virtual hard disks (VHDs) up to 64 TB in sizeThese scalability enhancements now provide enterprises with the ability to virtualizethe vast majority of physical servers deployed today. Examples include large databaseservers or other high-scale workloads that previously could not be virtualized.In addition to scale, a substantial number of new capabilities in the Windows Server 2012and Hyper-V platform enable cloud computing scenarios. Definitions of cloud­computing vary; however, one of the most commonly utilized definitions is from theU.S. National Institutes for Standards and Technology (NIST), which defines five“essential” characteristics of cloud computing solutions, including on-demand­self-service, broad network access, resource pooling, rapid elasticity, and measured service.These attributes enable the agility and cost savings expected from cloud solutions.
  21. 21. Technical requirements for successful cloud computing Chapter 1 9Virtualization alone provides significant benefits, but it does not provide allthe cloud attributes defined by NIST. A key tenet of Windows Server 2012 is to go­beyond virtualization. What this means is providing the foundational technologies and­features that enable cloud attributes such as elasticity, resource pooling, and measuredservice, while providing significant advancements in the virtualization platform.■■ For the on-demand self-service cloud attribute, Windows Server 2012 ­providesfoundational technology that enables a variety of user interfaces, including­self-service portals by providing hundreds of Windows PowerShell cmdlets­related to VM provisioning and management, that enable management solutionssuch as System Center to provide self-service user interfaces.■■ For the broad network access cloud attribute, Windows Server 2012 and ­Hyper-Vprovides new network virtualization technology that enables a ­variety of VMmobility, multi-tenancy, and hosting scenarios that remove many of today’s­network limitations. Other technologies, such as DirectAccess, enable secureremote connectivity to internal resources without the need for virtual privatenetworks (VPNs).■■ For the resource pooling cloud attribute, the combination of the operating­system, Network, and Storage virtualization technologies in Windows Server 2012­enable each component of the physical infrastructure to be virtualized andshared as a single large resource pool. Improvements to Live Migration ­enableVMs and their associated storage to be moved to any Hyper-V host in the­datacenter with a network connection. Combined, these technologies allowstandardization across the physical and virtual infrastructure with the ability ofVMs to be distributed optimally and dynamically across the datacenter.■■ For the rapid elasticity cloud attribute, Windows Server 2012 provides the ­abilityto provision VMs rapidly using technologies such as offloaded data ­transfer (ODX),which can use capabilities in storage systems to clone or ­create VMs very rapidlyto enable workload elasticity. Thin provisioning and data de-duplication enableelasticity without immediate consumption of physical resources.■■ For the measured service cloud attribute, Windows Server 2012 provides a­variety of new resource metering capabilities that enable granular reportingon resource utilization by individual VMs. Resource metering enables scenariossuch as chargeback reporting based on central processing unit (CPU) utilization,memory utilization, or other utilization-based metrics.In addition to advanced server consolidation and cloud attributes that helpdrive down IT cost and increase agility, Windows Server 2012 provides the­capability to ­reduce ongoing operational expenses (OpEx) by providing a highdegree of ­automation and the ability to manage many servers as one. A key costmetric in IT is the number of servers that an individual administrator can manage.
  22. 22. 10 Chapter 1 The business need for Windows Server 2012In many datacenters, this number is small, typically in the double digits. In highlyautomated datacenters such as Microsoft’s, an individual administrator can managethousands of servers through the use of automation.Windows Server 2012 delivers this automation capability through the Server­Manager user interface’s ability to manage user-defined groups of servers as one,plus the ability of PowerShell to automate activities against a nearly ­unlimited­number of servers. This reduces the amount of administrator effort required,­enabling ­administrators to focus on higher-value activities.Taken together, the capabilities provided by Windows Server 2012 deliver the­essential cloud attributes and the foundation for significant improvements in bothIT cost and agility.David ZiembickiSenior Architect, U.S. Public Sector, Microsoft ServicesFour ways Windows Server 2012 delivers value forcloud computingLet’s now briefly look at four ways that Windows Server 2012 can deliver value for ­buildingyour cloud solution beyond what the Windows Server 2008 R2 platform can deliver. Theremaining chapters of this book will explore the powerful new features and capabilities of thiscloud-optimized operating system in more detail, along with hands-on insights from insidersat Microsoft who have developed, tested, and deployed ­Windows Server 2012 and for selectcustomers during product ­development.Foundation for building your private cloudAlthough previous versions of Windows Server have included many capabilities needed for­implementing different cloud computing scenarios, Windows Server 2012 takes this a stepfurther by providing a foundation for building dynamic, multi-tenant cloud environmentsthat can scale to meet the highest business needs while helping to reduce your ­infrastructurecosts. Hyper-V in Windows Server 2008 R2 has already helped many businesses reduce theiroperational costs through server consolidation. The next version of Hyper-V, together withother key features of Windows Server 2012, goes even further by enabling you to secure­virtualized services by isolating them effectively, migrate running VMs with no downtimeeven outside of clusters, create replicas of virtualized workloads for offsite recovery, andmuch more. The result is to provide a platform that is ideal as a foundation for building­private clouds for even the largest enterprises.
  23. 23. Four ways Windows Server 2012 delivers value for cloud computing Chapter 1 11Windows Server 2012 provides your business with a complete virtualization platform thatincludes multi-tenant security and isolation capabilities to enforce network isolation betweenworkloads belonging to different business units, departments, or customers on a shared­infrastructure. Network Virtualization, a new feature of Hyper-V, lets you isolate network­traffic from different business units without the complexity of needing to ­implement andmanage virtual local area networks (VLANs). Network Virtualization also makes it easier tointegrate your existing private networks into a new infrastructure by enabling you to migrateVMs while preserving their existing virtual network settings. And network quality of service(QoS) has been enhanced in Windows Server 2012 to enable you to guarantee a minimumamount of bandwidth to VMs and virtual services so that service level agreements can beachieved more effectively and network performance can have greater predictability. ­Beingable to manage and secure network connectivity resources effectively are an important­factor when ­designing cloud solutions, and these capabilities of Windows Server 2012 make this­possible.Windows Server 2012 also helps you scale your environment better, achieve greater­performance levels, and use your existing investments in enterprise storage solutions. Withgreatly expanded support for host processors and memory, your virtualization infrastructurenow can support very large VMs that need the highest levels of performance and workloadsthat require the ability to increase significantly in scale. Businesses that have already investedin Fibre Channel storage arrays for their existing infrastructures can benefit from VirtualFibre Channel, a new feature of Hyper-V that lets you directly connect to your storage areanetwork (SAN) from within the guest operating system of your VMs. You also can use VirtualFibre Channel to virtualize any server workloads that directly access your SAN, enabling newways of reducing costs through workload virtualization. You also can cluster guest ­operatingsystems over Fibre Channel, which provides new infrastructure options you can explore.And the built-in ODX support ensures that your VMs can read and write to SAN storage atperformance levels matching that of physical hardware, while freeing up the resources on thesystem that received the transfer. With storage a key resource for any cloud solution, theseimprovements make Windows Server 2012 an effective platform for building clouds.Windows Server 2012 also provides a common identity and management framework thatsupports federation, enables cross-premises connectivity, and facilitates data ­protection.Active Directory Federation Services (AD FS) is now built into the product and ­providesa foundation for extending Active Directory identities to the cloud, allowing for single­sign-on (SSO) to resources both on-premises and in the cloud. Site-to-site VPNs can be­established to provide cross-premises connectivity between your on-premises infrastructureand ­hosting providers you purchase cloud services from. You even can connect directly toprivate ­subnets within a hosted cloud network, using your existing networking equipmentthat uses ­industry-standard IKEv2-IPsec protocols. And you can enhance business ­continuityand ­simplify disaster recovery by using the new Hyper-V Replica feature that provides­asynchronous replication of virtual machines over IP-based networks to remote sites. Allthese features help provide the foundation that you need to build your private cloud.
  24. 24. 12 Chapter 1 The business need for Windows Server 2012Private Cloud(Enterprise)Multiple Business Unitson Shared InfrastructureMultiple Customerson Shared InfrastructurePublic Cloud(Hoster)• Secure Isolation Between Tenants• Dynamic Placement of Services• QoS and Resource MeteringSQL IIS SQL IIS SQL IIS SQL IISR & D Finance Contoso Bank Woodgrove BankFIGURE 1-2  Windows Server 2012 provides a foundation for multi-tenant clouds.Highly available, easy-to-manage multi-server platformCost is the bottom line for most businesses, and even though virtualization has allowedmany ­organizations to tap into efficiencies that have helped them do more with less withtheir datacenters, maintaining these efficiencies and preventing interruptions due to failures,downtimes, and management problems remain a key priority. Windows Server 2012 helpsyou address these issues by providing enhanced availability features, more flexible storage­options, and powerful new management capabilities.Windows Server 2012 enhances availability by extending the Live Migration ­capabilitiesof Hyper-V in previous Windows Server versions with a new feature called Live Storage­Migration, which lets you move VHDs while they are attached to running VMs with no­downtime. Live Storage Migration simplifies the task of migrating or upgrading storagewhen you need to perform maintenance on your SAN or file-based storage array, or whenyou need to redistribute the load. Built-in NIC teaming gives you fault-tolerant ­networking­without the need to use third-party solutions, and it also helps ensure availability by­preventing ­connectivity from being lost when a network adapter fails. And availability canbe further enhanced through transparent failover, which lets you move file shares betweencluster nodes with no interruption to applications accessing data on these shares. These­improvements can provide benefits for both virtualized datacenters and for the cloud.
  25. 25. Four ways Windows Server 2012 delivers value for cloud computing Chapter 1 13Windows Server 2012 also provides numerous efficiencies that can help you ­reduce costs.These efficiencies cover a wide range of areas, including power consumption, ­networking,and storage, but for now, let’s just consider storage. The new file server ­features of ­Windows­Server 2012 allow you to store application data on server message block (SMB) file sharesin a way that provides much of the same kind of availability, ­reliability, and ­performancethat you’ve come to expect from more expensive SAN solutions. The new ­Storage Spacesfeature provides built-in storage virtualization capabilities that enable ­flexible, scalable, and­cost-effective solutions to meet your storage needs. And Windows Server 2012 ­integrateswith storage solutions that support thin provisioning with just-in-time (JIT) ­allocations of­storage and the ability to reclaim storage that’s no longer needed. ­Reducing cost is key forenterprises, whether they still have traditional IT infrastructures or have ­deployed privateclouds.Windows Server 2012 also includes features that make management and automationmore efficient. The new Server Manager takes the pain out of deploying and managing largenumbers of servers by simplifying the task of remotely deploying roles and features on bothphysical and virtual servers. Server Manager also can be used to perform ­scenario-based­deployments of the Remote Desktop Services role, for example to set up a session­virtualization infrastructure or a virtual desktop infrastructure (VDI) environment quickly.PowerShell 3.0 has powerful new features that simplify the job of automating numerousaspects of a datacenter, including the operating system, storage, and networking resources.PowerShell workflows let you perform complex management tasks that require machines tobe rebooted. Scheduled jobs can run regularly or in response to a specific event. Delegatedcredentials can be used so that junior administrators can perform mission-critical tasks. Allthese improvements can bring you closer to running your datacenter or private cloud as atruly lights-out automated environment.Deploy web applications on-premises and in the cloudThe web platform is key to building a cloud solution. That’s because cloud-based servicesare delivered and consumed over the Internet. Windows Server 2012 includes web platformenhancements that provide the kind of flexibility, scalability, and elasticity that your businessneeds to host web applications for provisioning cloud-based applications to business units orcustomers. Windows Server 2012 is also an open web platform that embraces a broad rangeof industry standards and supports many third-party platforms and tools so that you canchoose whatever best suits the development needs for your business.Because most organizations are expected to follow the hybrid cloud approach that­combines together both on-premises infrastructure and cloud services, efficiencies can begained by using development symmetry that lets you build applications that you can ­deployboth on-premises and in the cloud. Windows Server 2012 provides such development­symmetry through a common programming language supporting both Windows Server andthe Windows Azure platform; through a rich collection of applications that can be deployed
  26. 26. 14 Chapter 1 The business need for Windows Server 2012and used across web application and data tiers; through the rich Microsoft Visual ­Studio–based developer experience, which lets you develop code that can run bothon-premises and in the cloud; and through other technologies like the Windows AzureConnect, which lets you configure Internet Protocol Security (IPsec)–protected connections­between your on-premises physical/virtual servers and roles running in the Windows Azurecloud.Building on the proven application platform of earlier Windows Server versions, ­WindowsServer 2012 adds new features and enhancements to enable service ­providers to hostlarge numbers of websites while guaranteeing customers predictable service ­levels. These­improvements make Windows Server 2012 the ideal platform for building and ­managing­hosting environments and public clouds. To enable the highest level of scalability, ­especiallyin shared hosting environments, Microsoft Internet Information Services (IIS) 8.0 in­Windows Server 2012 introduced multicore scaling on Non-Uniform Memory Access (NUMA),which enables servers that can scale up to 64 physical processors and across NUMA nodes.This capability enables your web applications to scale up quickly to meet ­sudden spikesin demand. And when demand falls again, IIS CPU throttling enables your ­applications toscale down to minimize costs. You also can use IIS CPU throttling to ensure that ­applicationsalways get their fair share of processor time by specifying a maximum CPU u­sage for each­application pool. And to manage the proliferation of Secure Sockets Layer (SSL) ­certificatesfor your hosting environment, or to be able to add web servers to a web farm quickly withoutthe need to configure SSL manually on them, the new Centralized SSL ­Certificate Supportfeature of Windows Server 2012 takes the headache out of managing ­SSL-based hostingenvironments.IIS 8.0 in Windows Server 2012 also provides businesses with great flexibility in the kindsof web applications that they can develop and deploy. ASP.NET 4.5 now supports the latestHTML 5 standards. PHP and MySQL also are supported through the built-in IIS extensions forthese development platforms. And support for the industry-standard WebSocket protocolenables encrypted data transfer over real-time bidirectional channels to support AJAX clientapplications running in the browser. All these features and enhancements provide flexibilityfor building highly scalable web applications, hosted either on-premises or in the cloud.Enabling the modern work styleThe consumerization of IT through the trend towards BYOD or “bring your own ­device”­environments is something that businesses everywhere are facing and IT is only ­beginning toget a handle on. The days of IT having full control over all user devices in their ­infrastructureare probably over, with the exception of certain high-security environments in the­government, military, and finance sectors. Accepting these changes requires not just newthinking but new technology, and Windows Server 2012 brings features that can help IT­address this issue by enabling IT to deliver on-premises and cloud-based services to userswhile maintaining control over sensitive corporate data.
  27. 27. Up next Chapter 1 15Remote Access has been enhanced in Windows Server 2012 to make it much easierto ­deploy DirectAccess so that users can always have the experience of being ­seamlessly­connected to the corporate network whenever they have Internet access. Setting up­traditional VPN connections is also simpler in Windows Server 2012 for organizationsthat need to maintain compatibility with existing systems or policies. BranchCache hasbeen enhanced in Windows Server 2012 to make it scale greater, perform better, and be­managed more easily. Deploying BranchCache is now much simpler and enables users torun ­applications remotely and access data more efficiently and securely than before. And aspreviously mentioned in this chapter, Server Manager now lets you perform scenario-baseddeployments of the Remote Desktop Services role to implement session virtualization or VDIin your environment more easily.To remain productive as they roam between locations and use different devices, ­usersneed to be able to access their data using the full Windows experience. New featuresand ­improvements in Windows Server 2012 now make this possible from any location on­almost any device. RemoteFX for WAN enables a rich user experience even over slow WAN­connections. Universal serial bus (USB) is now supported for session virtualization, ­allowingusers to use their USB flash drives, smartcards, webcams, and other devices when ­conn­ectingto session hosts. And VDI now includes user VHDs for storing user ­personalization settingsand cached application data so that the user experience can be maintained across logons.Windows Server 2012 also gives you greater control over your sensitive corporate data tohelp you safeguard your business and meet the needs of compliance. Central access policiescan be used to define who is allowed to access information within your organization. Centralaudit policies have been enhanced to facilitate compliance reporting and forensic analysis.The Windows authorization and audit engine has been re-architected to allow the use of­conditional expressions and central policies. Kerberos authentication now supports both userand device claims. And Rights Management Services (RMS) has been made extensible sopartners can provide solutions for encrypting non-Office files. All these improvements enableusers to connect securely to on-premises or cloud-based infrastructure so that they can bemore productive in ways that meet the challenges of today’s work style while maintainingstrict control over your corporate data.Up nextThe chapters that follow will dig deeper into these different ways that Windows Server 2012can deliver value by examining in more detail the new features and capabilities of this­cloud-optimized platform. Each chapter also includes sidebars written by insiders on the­Windows Server team at Microsoft, by Microsoft Consulting Services experts in the field,and by Microsoft Support engineers who have been working with the platform from Day 1.To ­begin with, let’s look more closely at how Windows Server 2012 can provide the perfect­foundation for building your organization’s private cloud.
  28. 28. 17C H A P T E R 2Foundation for buildingyour private cloud■ A complete virtualization platform  19■ Increase scalability and performance  50■ Business continuity for virtualized workloads  73■ Up next  83This chapter describes some of the new features of Windows Server 2012 thatmake it the ideal platform for building a private cloud for your organization. With­enhancements to Hyper-V virtualization, improvements in scalability and performance,and business continuity support for virtualized workloads, Windows Server 2012 providesa solid foundation for building dynamic, highly scalable multi-tenant cloud environments.Windows Server 2012: The foundation for building yourprivate cloudDelivering a solid foundation for a private cloud requires a robust­virtualization platform, scalability with great performance, and the abilityto span datacenters and integrate with other clouds. Windows Server 2012 wasdesigned to address key private cloud needs through advances in computer,storage, and Network Virtualization.Compute virtualization, provided by Hyper-V in Windows Server 2012, hasbeen improved to support significantly larger host servers and guest virtualmachines (VMs). This increases the range of workloads that can be ­virtualized.A new feature called Guest NUMA enables large virtual machines with manyvirtual CPUs (vCPUs) to achieve high performance by optimizing a VM’s vCPUmappings to the underlying physical server’s Non-Uniform Memory Access(NUMA) configuration. Large increases in Hyper-V scalability and DynamicMemory provide for much higher density of VMs per server with largerclusters. VM mobility through Live Migration and live storage migration,regardless of whether the VM is hosted on a cluster, enable a number of newscenarios for optimization of resources in private cloud scenarios.
  29. 29. 18 CHAPTER 2 Foundation for building your private cloudWindows Server 2012 delivers new Network Virtualization capability as well as­private virtual local area networks (VLANs), opening a number of new ­networkingscenarios, including multi-tenant options required for hosting and private cloud scenarios.These technologies enable a tenant to utilize their own IP ­addressing schemes, evenif it overlaps with other tenants, while maintaining separation and security. Win-dows Server 2012 also introduces a new extensible virtual switch. The extensibleswitch delivers new capabilities such as port profiles and is a platform that thirdparties can use to build switch extensions for tasks like traffic ­monitoring, intru-sion detection, and network policy enforcement. In both private cloud ­scenariosand hosting scenarios, secure multi-tenancy is often a requirement. Examplescould include separating the finance department’s resources from the engineeringdepartment’s resources or separating one company’s resource you are hosting fromanother’s. Windows Server 2012 networking technologies provide for shared infra-structure and resource pooling while enabling secure multi-tenancy.Storage virtualization is a major investment area in Windows Server 2012. ­StorageSpaces, SMB 3, Cluster Shared Volumes (CSV2), and several other new storage­features provide a high-performance, low-cost storage platform. This storageplatform allows Hyper-V VMs to be run from Windows Server 2012 continuouslyavailable file shares on Windows storage spaces. Such shares can be accessed­using the new SMB 3 protocol, which when combined with appropriate network­hardware, provides high-speed, low-latency, multichannel-capable storage access.These technologies provide a robust storage platform at a cost point much lowerthan was previously possible. For environments with significant existing investmentsin storage area network (SAN) technology, Windows Server 2012 now enables FibreChannel host bus adapters (HBAs) to be virtualized, allowing VMs direct access toFibre Channel–based SAN storage.Another critical component of a private cloud infrastructure is disaster recovery­capability. Windows Server 2012 introduces the Hyper-V Replica feature, whichallows VMs to be replicated to disaster recovery sites, which reduces the time­required to restore service should a primary datacenter suffer a disaster.With the large number of new features and improvements, automation becomesa critical requirement, both for consistency of deployment and for efficiency in­operations. Windows Server 2012 includes about 2,400 new Windows PowerShellcmdlets for managing the various roles and features in the platform. WindowsPowerShell can be used either directly or through Microsoft and third-party­management systems to automate deployment, configuration, and operationstasks. The new Server ­Manager in Windows Server 2012 allows multiple ­servers to begrouped and managed as one. The objective of these improvements is to increaseadministrator efficiency by increasing the number of servers each ­administrator canmanage.
  30. 30. A complete virtualization platform CHAPTER 2 19The range of technology delivered in Windows Server 2012 can be used in a ­varietyof ways to enable private cloud scenarios. For a large, centralized enterprise,­large-scale file and Hyper-V clusters can deliver a platform able to run thousands ortens of thousands of highly available VMs. For cases where secure multi-tenancy isrequired, Network Virtualization and private VLANs can be used to deliver secureand isolated networks for each tenant’s VMs. With continuously available file sharesfor storing VMs combined with Live Migration and Live Storage Migration, VMs canbe moved anywhere in the datacenter with no downtime.The compute, network, and storage virtualization provided by Windows Server 2012deliver resource pooling, elasticity, and measured service cloud attributes. Thesecapabilities are further improved by disaster recovery and automation technologies.With these and other features, Windows Server 2012 delivers the foundation for theprivate cloud.David ZiembickiSenior Architect, U.S. Public Sector, Microsoft ServicesA complete virtualization platformVirtualization can bring many benefits for businesses, including increased agility, greaterflexibility, and improved cost efficiency. Combining virtualization with the infrastructureand tools needed to provision cloud applications and services brings even greater benefitsfor ­organizations that need to adapt and scale their infrastructure to meet the ­changingdemands of today’s business environment. With its numerous improvements, Hyper-V in­Windows Server 2012 provides the foundation for building private clouds that can usethe benefits of cloud computing across the business units and geographical locationsthat ­typically make up today’s enterprises. By using Windows Server 2012, you can begin­transitioning your organization’s datacenter environment toward an infrastructure as aservice (IaaS) private cloud that can provide your business units with the “server instanceson ­demand” capability that they need to be able to grow and respond to changing marketconditions.Hosting providers also can use Windows Server 2012 to build multi-tenant cloud­infrastructures (both public and shared private clouds) that they can use to deliver­cloud-based applications and services to customers. Features and tools included in WindowsServer 2012 enable hosting providers to fully isolate customer networks from one another,deliver ­support for service level agreements (SLAs), and enable chargebacks for implementing­usage-based customer billing.Let’s dig into these features and capabilities in more detail. We’ll also get some insiderperspective from experts working at Microsoft who have developed, tested, deployed, andsupported Windows Server 2012 during the early stages of the product release cycle.
  31. 31. 20 CHAPTER 2 Foundation for building your private cloudScenario-focused design in Windows Server 2012One of the best things about Windows Server 2012 is that it was designedfrom the ground up, with a great focus on actual customer scenarios.­Windows Server is the result of a large engineering effort, and in past releases,each ­organization delivered its own technology innovations and roadmap in its­respectively relevant area. The networking team would build great ­networkingfeatures; the storage team would innovate on file and storage systems; the­manageability team would introduce Windows PowerShell to enable a standard wayto ­manage servers, and so on.Windows Server 2012 is different. Instead of having vertical technology-focusedroadmaps and designs, it was built around specific customer scenarios for theserver. I was the scenario leader for the “hosted cloud” scenario, which was allabout building the most cloud-optimized operating system ever built and ­aligning­multiple feature crews on enabling enterprises and hosting providers to buildclouds that are better than ever.Scenario-focused design starts by understanding the business need and the realcustomer pain points and requirements. During the planning phase, we talked toa very long list of customers and did not limit ourselves to any specific technology.Instead, we have framed the discussion around the need to build and run cloudsand discovered pain points, such as the need to offer secure multi-tenancy and­isolation to your cloud tenants, so that hosting providers can be more efficient in­utilizing their infrastructure and lowering their cost. There’s also a need to be able to­automate manual processes end to end because manual processes just don’t cut itanymore, and the need to lower the cost of storage because ­customers were clearlyoverpaying for very expensive storage even when they don’t really need it. We thentranslated that understanding into investments that cross ­technology ­boundaries thatwill solve those business problems and satisfy the customer ­requirements.For example, to enable multi-tenancy, we didn’t just add some access control lists (ACLs)on the Hyper-V switch. Instead, we’ve built a much better Hyper-V switch with ­isolationpolicy support and added Network Virtualization to decouple the ­physical cloud­infrastructure from the VM networks. Then we added quality of service (QoS) ­policies tohelp hosting providers ensure proper SLAs for different tenants and resource ­meters toenable them to measure and charge for activities, and we also ensured that ­everythingwill be fully automatable (via Windows PowerShell, of course), in a consistent way.Here’s another example: we didn’t just add support for a new network interfacecard (NIC) technology called Remote Direct Memory Access (RDMA). Instead, we’vedesigned it to work well with file servers and provide SMB Direct support to enablethe use of file servers in a cloud infrastructure over standard Ethernet fabric, and
  32. 32. A complete virtualization platform CHAPTER 2 21­used storage spaces for low-cost disks. This way, competitive performance­compared to SANs is made available at a fraction of the cost.Finally, scenario-focused design doesn’t actually end at the design phase. It’s a wayof thinking that starts at planning but continues all the way through execution,­internal validation, external validation with our TAP program, partner relations,­documentation, blogging, and, of course, bringing the product to market. ­Basically,at every stage of the Windows Server 2012 execution cycle, the focus was on­making the scenario work, rather than on making specific features work.This kind of a scenario-focused requires an amazingly huge collaborative effortacross technology teams. This is exactly where Windows Server 2012 shines andis the reason you’re seeing all of these great innovations coming together in one­massive release that will change the way clouds are built.Yigal EderyPrincipal Program Manager, Windows ServerHyper-V extensible switchThe new Hyper-V extensible switch in Windows Server 2012 is key to enabling the creationof secure cloud environments that support the isolation of multiple tenants. The ­Hyper-V­extensible switch in Windows Server 2012 introduces a number of new and enhanced­capabilities for tenant isolation, traffic shaping, protection against malicious virtual machines,and hassle-free troubleshooting. The extensible switch allows third parties to develop plug-inextensions to emulate the full capabilities of hardware-based switches and support morecomplex virtual environments and solutions.Previous versions of Hyper-V allowed you to implement complex virtual network­environments by creating virtual network switches that worked like physical layer-2 Ethernetswitches. You could create external virtual networks to provide VMs with connectivity withexternally located servers and clients, internal networks to allow VMs on the same host tocommunicate with each other as well as the host, or private virtual networks (PVLANs) thatyou can use to completely isolate all VMs on the same host from each other and allow themto communicate only via external networks.The Hyper-V extensible switch facilitates the creation of virtual networks that canbe ­implemented in various ways to provide great flexibility in how you can design your­virtualized infrastructure. For example, you can configure a guest operating system withina VM to have a single virtual network adapter associated with a specific extensible switchor multiple virtual network adapters (each associated with a different switch), but you can’t­connect the same switch to multiple network adapters.What’s new however is that the Hyper-V virtual switch is now extensible in a couple ofdifferent ways. First, you can now install custom Network Driver Interface Specification (NDIS)filter drivers (called extensions) into the driver stack of the virtual switch. For example, you
  33. 33. 22 CHAPTER 2 Foundation for building your private cloudcould create an extension that captures, filters, or forwards packets to extensible switch ports.Specifically, the extensible switch allows for using the following kinds of extensions:■■ Capturing extensions, which can capture packets to monitor network traffic but ­cannotmodify or drop packets■■ Filtering extensions, which are like capturing extensions but also can inspect and droppackets■■ Forwarding extensions, which allow you to modify packet routing and enable­integration with your physical network infrastructureSecond, you can use the capabilities of the Windows Filtering Platform (WFP) by usingthe built-in Wfplwfs.sys filtering extension to intercept packets as they travel along the datapath of the extensible switch. You might use this approach, for example, to perform packet­inspection within your virtualized environment.These different extensibility capabilities of the Hyper-V extensible switch are intendedprimarily for Microsoft partners and independent software vendors (ISVs) so they can updatetheir existing network monitoring, management, and security software products so theycan work not just with physical hosts, but also with VMs deployed within any kind of virtual­networking environment that you might possibly create using Hyper-V in Windows Server2012. In addition, being able to extend the functionality of the Hyper-V ­networking by­adding extensions makes it easier to add new networking functionality to Hyper-V ­withoutneeding to replace or upgrade the switch. You’ll also be able to use the same tools formanaging these extensions that you use for managing other aspects of Hyper-V ­networking,namely the Hyper-V Manager console, Windows PowerShell, and Windows Management­Instrumentation (WMI). And because these extensions integrate into the existing frameworkof Hyper-V networking, they automatically work with other capabilities, like Live Migration.Table 2-1 summarizes some of the benefits of the Hyper-V extensible switch from both theIT professional and ISV perspective.TABLE 2-1  Benefits of the Hyper-V extensible switchKey Tenets Benefit to ISVS Benefit to IT ProfessionalsOpen platform w/public API Write only the functionalitiesdesiredMinimal footprint for errorsFirst-class citizen of system Free system services (e.g., LiveMigration)Extensions from various ISVs work­togetherExisting API model Faster development Larger pool of extension implementersLogo certification and richframeworkHigher customer satisfaction Higher extension qualityUnified Tracing thru virtualswitchLower support costs Shorter downtimes
  34. 34. A complete virtualization platform CHAPTER 2 23Configuring virtual switchesFigure 2-1 shows the Windows Filtering Platform (WPF) extension selected in the VirtualSwitch Manager of the Hyper-V Console in Windows Server 2012. Note that once ­extensionsare installed on the host, they can be enabled or disabled and also have their order­rearranged by moving them up or down in the list of switch extensions.FIGURE 2-1  Virtual switch extensions for the Hyper-V extensible switch.You can also use Windows PowerShell to create, delete, and configure extensible switcheson ­Hyper-V hosts. For example, Figure 2-2 shows how to use the Get-VMSwitchExtensioncmdlet to display details concerning the extensions installed on a specific switch.
  35. 35. 24 CHAPTER 2 Foundation for building your private cloudFIGURE 2-2  Displaying all extensions installed on the virtual switch named CONTOSO.You also can display the full list of Windows PowerShell cmdlets for managing the­extensible switch, as Figure 2-3 illustrates.FIGURE 2-3  Displaying all Windows PowerShell cmdlets for managing virtual switches.Troubleshooting virtual switchesMicrosoft also has extended Unified Tracing through the Hyper-V extensible switch, whichmakes it easier for you to diagnose problems that may occur. For example, if you are­experiencing issues that you think might be connected with the extensible switch, you couldattempt to troubleshoot the problem by turning on tracing using the Netsh commandlike this:netsh trace start provider=Microsoft-Windows-Hyper-V-VmSwitch capture=yescapturetype=vmswitch
  36. 36. A complete virtualization platform CHAPTER 2 25Then you would try and reproduce the issue while tracing is turned on. Once a repro hasoccurred, you could disable tracing with netsh trace stop and then review the generatedEvent Trace Log (ETL) file using Event Viewer or Network Monitor. You also could review theSystem event log for any relevant events.Performance monitoring improvementsWindows Server 2012 exposes more Event Tracing for Windows (ETW) dataproviders and performance items than Windows Server 2008 R2. With thisexposure comes the vital need for the IT professional to know which datasets arerelevant to their specific monitoring situation. It’s not feasible nor appropriate tojust gather everything, for system monitoring has in it a touch of physics . . .a modified Heisenberg uncertainty principle is afoot; One cannot monitor a systemwithout impacting it to some degree. To how much of a degree is at question. Finelytuned data collector sets by Performance Analysis of Logs (PAL; seehttp://pal.codeplex.com) can be used by the IT professional to ensure they are onlygathering the data necessary to their problem set, so as to not negatively impactsystem performance too heavily while monitoring or baselining systems.One advantage to using ETW data providers rather than performance counterobject items is that ETW providers come from the kernel itself typically, rather thancoming from user mode measurements. What this means is that the data from ETWdata providers is more accurate and more reliable and also puts a lower load on thesystem. ETW logging is unlikely to suffer from missing data sets due to high systemload as well. Look for guidance on which items to collect though before diving in;ETL tracing can grow log files quickly.Jeff StokesPlatforms PFEAdditional capabilitiesA number of other advanced capabilities also have been integrated by Microsoft into theHyper-V extensible switch to help enhance security, monitoring, and troubleshooting­functionality. These additional capabilities include the following:■■ DHCP guard  Helps safeguard against Dynamic Host Configuration Protocol (DHCP)man-in-the-middle attacks by dropping DHCP server messages from unauthorizedVMs pretending to be DHCP servers■■ MAC address spoofing  Helps safeguard against attempts to use ARP spoofing tosteal IP addresses from VMs by allowing VMs to change the source MAC address inoutgoing packets to an address that is not assigned to them
  37. 37. 26 CHAPTER 2 Foundation for building your private cloud■■ Router guard  Helps safeguard against unauthorized routers by dropping router­advertisement and redirection messages from unauthorized VMs pretending to be routers■■ Port mirroring  Enables monitoring of a VM’s network traffic by forwarding copies ofdestination or source packets to another VM being used for monitoring purposes■■ Port ACLs  Helps enforce virtual network isolation by allowing traffic filtering basedon media access control (MAC) or IP address ranges■■ Isolated VLANs   Allows segregation of traffic on multiple VLANs to facilitate­isolation of tenant networks through the creation of private VLANs (PVLANs)■■ Trunk mode  Allows directing traffic from a group of VLANs to a specific VM■■ Bandwidth management   Allows guaranteeing a minimum amount of bandwidthand/or enforcing a maximum amount of bandwidth for each VM■■ Enhanced diagnostics   Allows packet monitoring and event tracing through theextensible switch using ETL and Unified TracingMost of these additional capabilities can be configured from the graphical user interface(GUI) by opening the VM’s settings. For example, by selecting the network adapter underHardware, you can specify bandwidth management settings for the VM. Figure 2-4 showsthese settings configured in such a way that the VM always has at least 50 MBps of networkbandwidth available, but never more than 100 MBps. If your hosts reside in a shared cloudbeing used to provision applications and services to business units or customers, these newbandwidth management capabilities can provide the benefit of helping you meet your SLAswith these business units or customers.FIGURE 2-4  Minimum and maximum bandwidth settings have been configured for this VM.
  38. 38. A complete virtualization platform CHAPTER 2 27Clicking the plus sign (+) beside Network Adapter in these settings exposes two new pages ofnetwork settings: Hardware Acceleration and Advanced Features. We’ll examine the ­HardwareAcceleration settings later in this chapter, but for now, here are the Advanced Features­settings which lets you configure MAC address spoofing, DHCP guard, router guard, portmirroring and NIC teaming for the selected network adapter of the VM, as shown in Figure 2-5.As the sidebar demonstrates, you also can use Windows PowerShell to configure and­manage the various advanced capabilities of the Hyper-V extensible switch.FIGURE 2-5  Configuring advanced features for network adapter settings for a VM.Using Windows PowerShell to configure the extensible switchLet’s briefly look at two scenarios where Windows PowerShell can be used toconfigure­various features of the extensible network switch.Scenario 1: Enabling advanced networking featuresIn an upgrade scenario, you want to take advantage of advanced networking­features of the extensible network switch. Namely, you want to enable the ­followingon all VMs on a Hyper-V host:■■ DHCP Guard
  39. 39. 28 CHAPTER 2 Foundation for building your private cloud■■ Enable router advertisement guard■■ Enable Virtual Machine Queue (VMQ)Here’s what a VM looks like without any of the advanced networking features enabled:Now let’s do this on a Hyper-V host on every single VM on the Hyper-V host.First, let’s list all the VMs by issuing the Get-VM cmdlet:
  40. 40. A complete virtualization platform CHAPTER 2 29We have four VMs on this host. Let’s activate DHCP Guard, router advertisementguard, and VMQ in a single line:Once the Windows PowerShell prompt has returned, we can view the settings onany VM on this host:
  41. 41. 30 CHAPTER 2 Foundation for building your private cloudNote: to do this in a Hyper-V cluster, simply prepend the previous statement withGet-ClusterGroup:Scenario 2: Configure ACLs on a VMMost organizations have a management network segment and will typically­associate a physical NIC on the management network segment. Suppose you wantto limit the network segment associated with the virtual NIC connected to the­management network. Here’s how you’d create an ACL to accomplish this:This cmdlet allows both inbound and outbound traffic to the VM named wds02from the 192.168.1.0/24 segment. To view the settings:Adiy QasrawiConsultant, Microsoft Consulting Services (MCS)
  42. 42. A complete virtualization platform CHAPTER 2 31Learn moreIT pros can expect Microsoft partners and ISVs to take advantage of the extensible switchcapabilities of Hyper-V in Windows Server 2012 as new versions of their network monitoring,management, and security products begin to appear. For example:■■ Cisco Systems has announced that its Cisco Nexus 1000V distributed virtual switch willenable full VM-level visibility and security controls in Hyper-V environments; seehttp://newsroom.cisco.com/press-release-content?type=webcontent&articleId=473289.■■ inMon Corp. has announced that their sFlow traffic monitoring software will ­delivercomprehensive visibility into network and system resources in Hyper-V virtual­environments; see http://www.inmon.com/news/20111003.php.■■ 5nine Software has announced that version 3.0 of 5nine Security Manager will be thefirst completely host-based Virtual Firewall with Anti-Virus (AV) for Windows 8; seehttp://www.5nine.com/News/news-firewall3-preview.aspx.For an overview of the requirements, implementation, and manageability of the Hyper-Vextensible switch, see the topic “Hyper-V Virtual Switch Overview” in the TechNet Library athttp://technet.microsoft.com/en-us/library/hh831452.aspx. For additional overviews of theHyper-V extensible switch, see the topic “Hyper-V Virtual Switch Overview,” athttp://technet.microsoft.com/en-us/library/hh831823.aspx and the post “IntroducingHyper-V Extensible Switch,” on the Server & Cloud Blog at http://blogs.technet.com/b/­server-cloud/archive/2011/11/08/windows-server-8-introducing-hyper-v-extensible-switch.aspx.For a detailed overview of how the Hyper-V extensible switch operates and how to writeextensions for the switch, see the topic “Hyper-V Extensible Switch” in the Windows HardwareDevelopment section of MSDN at http://msdn.microsoft.com/en-us/library/windows/hardware/hh598161(v=vs.85).aspx.For a sample base library that can be used to implement a filter driver for the Hyper-V­extensible switch, see the topic “Hyper-V Extensible Virtual Switch extension filter driver” inthe Samples section of Dev Center—Hardware on MSDN at http://code.msdn.microsoft.com/windowshardware/Hyper-V-Extensible-Virtual-e4b31fbb/view/SourceCode.For more information on Windows PowerShell cmdlets like Get-VMSwitch,Get-VMSwitchExtension, Set-VMSwitchExtensionSwitchFeature, and other cmdlets for­configuring and managing the Hyper-V extensible switch, see “Hyper-V Cmdlets in WindowsPowerShell” in the TechNet Library at http://technet.microsoft.com/library/hh848559.aspx.Network VirtualizationAs discussed in Chapter 1, “The business need for Windows Server 2012,” in the IaaS cloudcomputing model, the cloud provider runs a datacenter that offers “VMs for rent” along withdynamically allocated resources. The customer owns the VM and manages it as “its server”in the cloud. The meaning of the terms cloud provider and customer can differ, of course,
  43. 43. 32 CHAPTER 2 Foundation for building your private clouddepending on whether you’re talking about a shared private cloud or a shared public cloud.Specifically, the following points apply:■■ In the shared private cloud scenario, the cloud provider is the organization itself, whichowns and operates its own datacenter, whereas the customers might be different­business units, departments, or offices in different locations.■■ In the shared public cloud scenario, the cloud provider is the hosting company,whereas the customers might be large enterprises, mid-sized companies, or even small­businesses. The hosting company owns and manages the datacenter and may “rentout” servers to customers, offer colocation of customer-owned servers, or both.In both scenarios, the cloud provider can provide the numerous benefits of cloud­computing to its customers, but typically not without problems using today’s technologies.For example, VLANs are typically used by cloud providers to isolate the servers belonging toone customer from those belonging to other customers and provisioned from the same cloud.VLANs accomplish this by adding tags to Ethernet frames. Then Ethernet switches can beconfigured to enforce isolation by allowing nodes that have the same tag to ­communicate witheach other, but not with nodes having a different tag. But VLANs have several ­limitations:■■ They have limited scalability because typical Ethernet switches support no more than1,000 VLAN IDs (with a theoretical maximum of 4,094).■■ They have limited flexibility because a single VLAN can’t span multiple IP subnets.■■ They have high management overhead associated with them because Ethernet­switches need to be reconfigured each time a VLAN is added or removed.Another problem that customers often experience when contemplating moving theircomputing resources to the cloud is IP addressing. The issue is that the customer’s existinginfrastructure typically has one addressing scheme, whereas the datacenter network has anentirely different addressing scheme. So when a customer wants to move one of its serversinto the cloud, typically by virtualizing the workload of the existing physical server so theworkload can be run as a VM hosted within the cloud provider’s datacenter, the customer isusually required to change the IP address of their server so it can fit the addressing schemeof the cloud provider’s network. This can pose difficulties, however, because IP addresses areoften tied to geographical locations, management policies, and security policies, so changingthe server’s address when its workload is moved into the cloud may result in routing issues,servers moving out of management scope, or security policies failing to be applied properly.It would simplify cloud migrations a lot if the customer’s servers could keep their ­existingIP addresses when their workloads are virtualized and moved into the cloud provider’s­datacenter. That way, the customer’s existing routing, management, and security policiesshould continue to work as before. And that’s exactly what Network Virtualization does!How Network Virtualization worksNetwork Virtualization is a new feature in Windows Server 2012 that lets you keep yourown internal IP addresses when moving your servers into the cloud. For example, let’s say
  44. 44. A complete virtualization platform CHAPTER 2 33that you have three on-premises physical servers having private IP addresses 192.168.33.45,192.168.33.46, and 192.168.33.47, and you want to move these servers to the datacenter ofa cloud provider called Fabrikam. These servers are currently in the 192.168.0.0/16 addressspace, and Fabrikam’s datacenter uses 10.0.0.0/24 for its datacenter network’s address space.If Fabrikam has Windows Server 2012 deployed in its datacenter, you’re in luck because yourservers can keep their existing IP addresses when their workloads are migrated into VMsrunning on Fabrikam host machines. This means that your existing clients, which are used toaccessing servers located on the 192.168.0.0/16 subnet, will be able to continue doing so withno modifications needed to your routing infrastructure, management platform, or networksecurity policies. That’s Network Virtualization at work.But what if another customer of Fabrikam uses the exact same subnetting scheme forits own virtualized workloads? For example, let’s say that Northwind Traders also has been­using 192.168.0.0/16 on its private network, and one of the servers it’s moved into Fabrikam’s­datacenter has the exact same IP address (192.168.33.45) as one of the servers that you’vemoved into Fabrikam’s datacenter? No problem! Network Virtualization in Windows Server2012 provides complete isolation between VMs belonging to different customers even ifthose VMs use the exact same IP addresses!Network Virtualization works by allowing you to assign two different IP addresses to eachVM running on a Windows Server 2012 Hyper-V host. These two addresses are:■■ Customer address (CA)  The IP address that the server had when it resided on thecustomer’s premises before it was migrated into the cloud. In the previous ­example,this might be the 192.168.33.45 address for a particular server that the ­customer wantsto move to the cloud.■■ Provider address (PA)  The IP address assigned by the cloud provider to the serveronce the server has been migrated to the provider’s datacenter. In the previous example,this could be 10.44.2.133, or some other address in the 10.0.0.0/24 address space.From the customer’s perspective, communication with the migrated server is just the sameas if the server still resided on the customer’s own premises. This is because the VM ­runningthe customer’s migrated workload can see and use its customer address and thus can bereached by other hosts on the customer’s network. The VM cannot see or use its provideraddress, ­however, because this address is visible only to the hosts on the cloud provider’snetwork.Network Virtualization thus lets the cloud provider run multiple virtual networks ontop of a single physical network in much the same way as server virtualization lets yourun multiple virtual servers on a single physical server. Network Virtualization also isolateseach virtual network from every other virtual network, with the result that each virtualnetwork has the illusion that it is a separate physical network. This means that two ormore virtual networks can have the exact same addressing scheme, yet the networks willbe fully isolated from one another and each will function as if it is the only network withthat scheme.
  45. 45. 34 CHAPTER 2 Foundation for building your private cloudTo make this all happen, Network Virtualization needs a way of virtualizing IP addressesand mapping them to physical addresses. Network Virtualization in Windows Server 2012­offers two ways of accomplishing this:■■ Network Virtualization Generic Routing Encapsulation (NVGRE)  In this­approach, all the VM’s packets are encapsulated with a new header before they aretransmitted onto the physical network. NVGRE requires only one PA per host, which isshared by all VMs on that host.■■ IP rewrite  This approach modifies the customer addresses of packets while they arestill on the VM and before they are transmitted onto the physical network. IP rewriterequires a one-to-one mapping of customer addresses to provider addresses.NVGRE is compatible with today’s datacenter network hardware infrastructure and is therecommended approach for implementing Network Virtualization.Because Network Virtualization is intended for datacenters, implementing it requires thatyou have a VM management framework in place. System Center Virtual Machine Manager2012 Service Pack 1 provides such a framework and lets you use Windows PowerShell or WMIto create and manage virtual networks.Benefits of Network VirtualizationNetwork Virtualization is key to being able to build and provision multi-tenant cloud­services, both for shared private clouds, where the “customers” are ­different business unitsor ­departments, and for public cloud scenarios, where the cloud provider offers “space torent” to all comers. Network Virtualization lets you create multi-tenant networks whereeach ­network is fully isolated from all other ­networks, and it does this without any of the­limitations of or overhead ­associated with the job of creating and managing VLANs. Thismeans that cloud ­providers can use Network Virtualization to create as many networks asyou want—­thousands and thousands of them for example if you are a large ­hosting­provider—and then move workloads anywhere you want without having to ­perform thearduous (and error-prone) task of reconfiguring VLANs.Network Virtualization also provides greater flexibility for VM placement, which helpsreduce overprovisioning and fragmentation of resources for the cloud ­provider. By enablingdynamic VM placement, the cloud provider can make best use of the compute, network, andstorage resources within their datacenter and can monitor and control the provisioning ofthese resources more easily.Regardless of whether you are a customer looking to migrate your server workloads intothe cloud, an enterprise seeking to implement a shared private cloud for provisioning ­“serversfor rent” to different divisions or locations, or a hosting provider wanting to offer cloudhosting services to large numbers of ­customers, Network Virtualization in Windows Server2012 provides the foundation for achieving your goals. Table 2-2 summarizes the benefits ofNetwork ­Virtualization to these different parties.

×